* [PATCH 01/06] ecryptfs: Validate minimum header extent size
@ 2006-06-26 23:46 Stephan Müller
2006-06-27 16:17 ` Michael Halcrow
0 siblings, 1 reply; 2+ messages in thread
From: Stephan Müller @ 2006-06-26 23:46 UTC (permalink / raw)
To: linux-kernel, akpm; +Cc: Michael Halcrow
Kernel version: 2.6.17-mm1
The encrypted file ecryptfs maintains has in the first page meta data that
is needed for ecryptfs operation. As the encrypted file is untrusted,
every bit read of that file must be validated.
The patch ensures that crypt_stat->num_header_extents_at_front is checked
for improper values.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
---
fs/ecryptfs/crypto.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
1d76f6b4a787047ca354c8385614b0d549db6bc8
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index 427f470..91b350e 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -1333,7 +1333,8 @@ static int parse_header_metadata(struct
crypt_stat->num_header_extents_at_front =
(int)num_header_extents_at_front;
(*bytes_read) = 6;
- if (crypt_stat->header_extent_size
+ if ((crypt_stat->header_extent_size
+ * crypt_stat->num_header_extents_at_front)
< ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE) {
rc = -EINVAL;
ecryptfs_printk(KERN_WARNING, "Invalid header extent size: "
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2006-06-27 16:18 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-06-26 23:46 [PATCH 01/06] ecryptfs: Validate minimum header extent size Stephan Müller
2006-06-27 16:17 ` Michael Halcrow
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox